From 23469ccef5e72b3cf6086d8b8726267e42f05a09 Mon Sep 17 00:00:00 2001
From: docs-bot <77750099+docs-bot@users.noreply.github.com>
Date: Thu, 11 Dec 2025 04:56:08 -0800
Subject: [PATCH 1/4] Update CodeQL query tables (#58725)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: Óscar San José
---
 data/reusables/code-scanning/codeql-query-tables/go.md | 4 ++++
 data/reusables/code-scanning/codeql-query-tables/rust.md | 2 ++
 2 files changed, 6 insertions(+)

diff --git a/data/reusables/code-scanning/codeql-query-tables/go.md b/data/reusables/code-scanning/codeql-query-tables/go.md
index 7bb25f200e8c..c08ffe20849a 100644
--- a/data/reusables/code-scanning/codeql-query-tables/go.md
+++ b/data/reusables/code-scanning/codeql-query-tables/go.md
@@ -7,6 +7,8 @@
 | [Bad redirect check](https://codeql.github.com/codeql-query-help/go/go-bad-redirect-check/) | 601 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
 | [Clear-text logging of sensitive information](https://codeql.github.com/codeql-query-help/go/go-clear-text-logging/) | 312, 315, 359 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
 | [Command built from user-controlled sources](https://codeql.github.com/codeql-query-help/go/go-command-injection/) | 078 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
+| [Cookie 'HttpOnly' attribute is not set to true](https://codeql.github.com/codeql-query-help/go/go-cookie-httponly-not-set/) | 1004 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
+| [Cookie 'Secure' attribute is not set to true](https://codeql.github.com/codeql-query-help/go/go-cookie-secure-not-set/) | 614 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
 | [Cross-site scripting via HTML template escaping bypass](https://codeql.github.com/codeql-query-help/go/go-html-template-escaping-bypass-xss/) | 079, 116 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
 | [Database query built from user-controlled sources](https://codeql.github.com/codeql-query-help/go/go-sql-injection/) | 089 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
 | [Disabled TLS certificate check](https://codeql.github.com/codeql-query-help/go/go-disabled-certificate-check/) | 295 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
@@ -26,6 +28,8 @@
 | [Suspicious characters in a regular expression](https://codeql.github.com/codeql-query-help/go/go-suspicious-character-in-regex/) | 020 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
 | [Uncontrolled data used in network request](https://codeql.github.com/codeql-query-help/go/go-request-forgery/) | 918 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
 | [Uncontrolled data used in path expression](https://codeql.github.com/codeql-query-help/go/go-path-injection/) | 022, 023, 036, 073, 099 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
+| [Use of a broken or weak cryptographic algorithm](https://codeql.github.com/codeql-query-help/go/go-weak-cryptographic-algorithm/) | 327, 328 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
+| [Use of a broken or weak cryptographic hashing algorithm on sensitive data](https://codeql.github.com/codeql-query-help/go/go-weak-sensitive-data-hashing/) | 327, 328, 916 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
 | [Use of a weak cryptographic key](https://codeql.github.com/codeql-query-help/go/go-weak-crypto-key/) | 326 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
 | [Use of constant `state` value in OAuth 2.0 URL](https://codeql.github.com/codeql-query-help/go/go-constant-oauth2-state/) | 352 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
 | [Use of insecure HostKeyCallback implementation](https://codeql.github.com/codeql-query-help/go/go-insecure-hostkeycallback/) | 322 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
diff --git a/data/reusables/code-scanning/codeql-query-tables/rust.md b/data/reusables/code-scanning/codeql-query-tables/rust.md
index f18c7c47b8f5..44f52774c133 100644
--- a/data/reusables/code-scanning/codeql-query-tables/rust.md
+++ b/data/reusables/code-scanning/codeql-query-tables/rust.md
@@ -7,7 +7,9 @@
 | [Cleartext logging of sensitive information](https://codeql.github.com/codeql-query-help/rust/rust-cleartext-logging/) | 312, 359, 532 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
 | [Cleartext storage of sensitive information in a database](https://codeql.github.com/codeql-query-help/rust/rust-cleartext-storage-database/) | 312 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
 | [Cleartext transmission of sensitive information](https://codeql.github.com/codeql-query-help/rust/rust-cleartext-transmission/) | 319 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
+| [Cross-site scripting](https://codeql.github.com/codeql-query-help/rust/rust-xss/) | 079, 116 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
 | [Database query built from user-controlled sources](https://codeql.github.com/codeql-query-help/rust/rust-sql-injection/) | 089 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
+| [Disabled TLS certificate check](https://codeql.github.com/codeql-query-help/rust/rust-disabled-certificate-check/) | 295 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
 | [Failure to use HTTPS URLs](https://codeql.github.com/codeql-query-help/rust/rust-non-https-url/) | 319, 345 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
 | [Hard-coded cryptographic value](https://codeql.github.com/codeql-query-help/rust/rust-hard-coded-cryptographic-value/) | 259, 321, 798, 1204 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
 | [Regular expression injection](https://codeql.github.com/codeql-query-help/rust/rust-regex-injection/) | 020, 074 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
From d6244e1d98216fc44c162d312faadc4351b16e3f Mon Sep 17 00:00:00 2001
From: docs-bot <77750099+docs-bot@users.noreply.github.com>
Date: Thu, 11 Dec 2025 04:56:16 -0800
Subject: [PATCH 2/4] Update CodeQL CLI manual (#58723)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: Óscar San José
---
 .../codeql-cli/codeql-cli-manual/bqrs-diff.md | 7 +++++++
 .../codeql-cli/codeql-cli-manual/database-analyze.md | 4 +---
 .../codeql-cli/codeql-cli-manual/database-run-queries.md | 4 +---
 .../codeql-cli/codeql-cli-manual/database-upgrade.md | 4 +---
 .../codeql-cli/codeql-cli-manual/dataset-upgrade.md | 4 +---
 .../codeql-cli/codeql-cli-manual/execute-queries.md | 4 +---
 .../codeql-cli/codeql-cli-manual/execute-query-server2.md | 4 +---
 .../codeql-cli/codeql-cli-manual/execute-upgrades.md | 4 +---
 .../codeql-cli/codeql-cli-manual/query-run.md | 4 +---
 9 files changed, 15 insertions(+), 24 deletions(-)

diff --git a/content/code-security/codeql-cli/codeql-cli-manual/bqrs-diff.md b/content/code-security/codeql-cli/codeql-cli-manual/bqrs-diff.md
index 89f8e81da92f..25361e2b952d 100644
--- a/content/code-security/codeql-cli/codeql-cli-manual/bqrs-diff.md
+++ b/content/code-security/codeql-cli/codeql-cli-manual/bqrs-diff.md
@@ -65,6 +65,13 @@ corresponding output instead of comparing. If --both is given, that output is taken from `file1`. Defaults to 'nodes,edges,subpaths' to simplify handling of path-problem results. +#### `--result-sets=,` + +Compare only the specified result sets. The format is +\,\ where \ is the result set name in `file1` +and \ is the result set name in `file2`. The two result sets +must be compatible. The option can be repeated. + #### `--[no-]compare-internal-ids` \[Advanced] Include internal entity IDs in the comparison. Entity IDs diff --git a/content/code-security/codeql-cli/codeql-cli-manual/database-analyze.md b/content/code-security/codeql-cli/codeql-cli-manual/database-analyze.md index 190528e5cc02..44562d5035ca 100644 --- a/content/code-security/codeql-cli/codeql-cli-manual/database-analyze.md +++ b/content/code-security/codeql-cli/codeql-cli-manual/database-analyze.md @@ -328,9 +328,7 @@ thread). #### `--[no-]save-cache` -\[Advanced] Aggressively write intermediate results to the disk cache. -This takes more time and uses (much) more disk space, but may speed up -the subsequent execution of similar queries. +\[Deprecated] \[Advanced] This flag does nothing. #### `--[no-]expect-discarded-cache` diff --git a/content/code-security/codeql-cli/codeql-cli-manual/database-run-queries.md b/content/code-security/codeql-cli/codeql-cli-manual/database-run-queries.md index fa354dc903e9..d9fc27257274 100644 --- a/content/code-security/codeql-cli/codeql-cli-manual/database-run-queries.md +++ b/content/code-security/codeql-cli/codeql-cli-manual/database-run-queries.md @@ -170,9 +170,7 @@ thread). #### `--[no-]save-cache` -\[Advanced] Aggressively write intermediate results to the disk cache. -This takes more time and uses (much) more disk space, but may speed up -the subsequent execution of similar queries. +\[Deprecated] \[Advanced] This flag does nothing. #### `--[no-]expect-discarded-cache` 
diff --git a/content/code-security/codeql-cli/codeql-cli-manual/database-upgrade.md b/content/code-security/codeql-cli/codeql-cli-manual/database-upgrade.md index b57b822933d3..c6b78c6bcfec 100644 --- a/content/code-security/codeql-cli/codeql-cli-manual/database-upgrade.md +++ b/content/code-security/codeql-cli/codeql-cli-manual/database-upgrade.md @@ -129,9 +129,7 @@ thread). #### `--[no-]save-cache` -\[Advanced] Aggressively write intermediate results to the disk cache. -This takes more time and uses (much) more disk space, but may speed up -the subsequent execution of similar queries. +\[Deprecated] \[Advanced] This flag does nothing. #### `--[no-]expect-discarded-cache` diff --git a/content/code-security/codeql-cli/codeql-cli-manual/dataset-upgrade.md b/content/code-security/codeql-cli/codeql-cli-manual/dataset-upgrade.md index e61c13279727..5778a35bcc5c 100644 --- a/content/code-security/codeql-cli/codeql-cli-manual/dataset-upgrade.md +++ b/content/code-security/codeql-cli/codeql-cli-manual/dataset-upgrade.md @@ -125,9 +125,7 @@ thread). #### `--[no-]save-cache` -\[Advanced] Aggressively write intermediate results to the disk cache. -This takes more time and uses (much) more disk space, but may speed up -the subsequent execution of similar queries. +\[Deprecated] \[Advanced] This flag does nothing. #### `--[no-]expect-discarded-cache` diff --git a/content/code-security/codeql-cli/codeql-cli-manual/execute-queries.md b/content/code-security/codeql-cli/codeql-cli-manual/execute-queries.md index a11bafa50713..fbd9d6a7ccd8 100644 --- a/content/code-security/codeql-cli/codeql-cli-manual/execute-queries.md +++ b/content/code-security/codeql-cli/codeql-cli-manual/execute-queries.md 
@@ -153,9 +153,7 @@ thread). #### `--[no-]save-cache` -\[Advanced] Aggressively write intermediate results to the disk cache. -This takes more time and uses (much) more disk space, but may speed up -the subsequent execution of similar queries. +\[Deprecated] \[Advanced] This flag does nothing. #### `--[no-]expect-discarded-cache` diff --git a/content/code-security/codeql-cli/codeql-cli-manual/execute-query-server2.md b/content/code-security/codeql-cli/codeql-cli-manual/execute-query-server2.md index 802569157a79..0278dbad6fcd 100644 --- a/content/code-security/codeql-cli/codeql-cli-manual/execute-query-server2.md +++ b/content/code-security/codeql-cli/codeql-cli-manual/execute-query-server2.md @@ -78,9 +78,7 @@ thread). #### `--[no-]save-cache` -\[Advanced] Aggressively write intermediate results to the disk cache. -This takes more time and uses (much) more disk space, but may speed up -the subsequent execution of similar queries. +\[Deprecated] \[Advanced] This flag does nothing. #### `--[no-]expect-discarded-cache` diff --git a/content/code-security/codeql-cli/codeql-cli-manual/execute-upgrades.md b/content/code-security/codeql-cli/codeql-cli-manual/execute-upgrades.md index c607a976d52f..aa803ac7ea31 100644 --- a/content/code-security/codeql-cli/codeql-cli-manual/execute-upgrades.md +++ b/content/code-security/codeql-cli/codeql-cli-manual/execute-upgrades.md @@ -128,9 +128,7 @@ thread). #### `--[no-]save-cache` -\[Advanced] Aggressively write intermediate results to the disk cache. -This takes more time and uses (much) more disk space, but may speed up -the subsequent execution of similar queries. +\[Deprecated] \[Advanced] This flag does nothing. #### `--[no-]expect-discarded-cache` diff --git a/content/code-security/codeql-cli/codeql-cli-manual/query-run.md b/content/code-security/codeql-cli/codeql-cli-manual/query-run.md index 5f2f574c4ae7..226836c851b6 100644 --- a/content/code-security/codeql-cli/codeql-cli-manual/query-run.md 
+++ b/content/code-security/codeql-cli/codeql-cli-manual/query-run.md @@ -108,9 +108,7 @@ thread). #### `--[no-]save-cache` -\[Advanced] Aggressively write intermediate results to the disk cache. -This takes more time and uses (much) more disk space, but may speed up -the subsequent execution of similar queries. +\[Deprecated] \[Advanced] This flag does nothing. #### `--[no-]expect-discarded-cache` From 7683cd43ac22c5050fe7bbf3efa47f10aece99ab Mon Sep 17 00:00:00 2001 From: Copilot <198982749+Copilot@users.noreply.github.com> Date: Thu, 11 Dec 2025 14:02:16 +0000 Subject: [PATCH 3/4] Update Copilot Spaces docs with MCP server configuration for X-MCP-Toolsets header (#58707) Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Bestra <2043348+Bestra@users.noreply.github.com> Co-authored-by: Chris Westra Co-authored-by: Anne-Marie <102995847+am-stead@users.noreply.github.com> --- .../use-copilot-spaces/use-copilot-spaces.md | 23 ++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/content/copilot/how-tos/provide-context/use-copilot-spaces/use-copilot-spaces.md b/content/copilot/how-tos/provide-context/use-copilot-spaces/use-copilot-spaces.md index 21fe14554791..8049a4c023a0 100644 --- a/content/copilot/how-tos/provide-context/use-copilot-spaces/use-copilot-spaces.md +++ b/content/copilot/how-tos/provide-context/use-copilot-spaces/use-copilot-spaces.md 
@@ -38,7 +38,28 @@ Once you've accessed space context from your IDE: ### Prerequisites -To use {% data variables.copilot.copilot_spaces_short %} in your IDE, you need to install the {% data variables.product.github %} MCP server. For setup instructions, see [AUTOTITLE](/copilot/how-tos/provide-context/use-mcp/use-the-github-mcp-server). +To use {% data variables.copilot.copilot_spaces_short %} in your IDE, you need to: + +* Set up the remote {% data variables.product.github %} MCP server for your IDE. For more information, see [AUTOTITLE](/copilot/how-tos/provide-context/use-mcp/set-up-the-github-mcp-server) and [Remote {% data variables.product.github %} MCP Server](https://github.com/github/github-mcp-server/blob/main/docs/remote-server.md) in the {% data variables.product.github %} MCP server documentation. +* Configure the set up of the remote {% data variables.product.github %} MCP server so that the {% data variables.copilot.copilot_spaces_short %} toolset is enabled. + + The {% data variables.copilot.copilot_spaces_short %} toolset is not included in the default configuration, so you must explicitly enable it using the `X-MCP-Toolsets` header. The following example configuration enables both the default tools and {% data variables.copilot.copilot_spaces_short %}: + + ```json copy + { + "servers": { + "github": { + "type": "http", + "url": "https://api.githubcopilot.com/mcp/", + "headers": { + "X-MCP-Toolsets": "default,copilot_spaces" + } + } + } + } + ``` + + Alternatively, you can use the dedicated {% data variables.copilot.copilot_spaces_short %} toolset URL: `https://api.githubcopilot.com/mcp/x/copilot_spaces`. Note that this configuration provides _only_ {% data variables.copilot.copilot_spaces_short %} tools, without other default {% data variables.product.github %} MCP server functionality. ### Accessing space context from your IDE From d23879935de957fe2723410a56292fae93b86359 Mon Sep 17 00:00:00 2001 
From: Greg Mondello <72952982+gmondello@users.noreply.github.com>
Date: Thu, 11 Dec 2025 08:35:42 -0600
Subject: [PATCH 4/4] Update usage endpoints in `billing/tutorials/automate-usage-reporting` (#58805)

---
 content/billing/tutorials/automate-usage-reporting.md | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/content/billing/tutorials/automate-usage-reporting.md b/content/billing/tutorials/automate-usage-reporting.md
index 71c43af245bc..5f7b2dd11e47 100644
--- a/content/billing/tutorials/automate-usage-reporting.md
+++ b/content/billing/tutorials/automate-usage-reporting.md
@@ -27,11 +27,12 @@ You need to use different endpoints to gather data depending on your account typ | Account | Report | Access | Endpoint | More information | |---------|--------|--------|----------|------------------| -| Users | Usage data for all paid products | Account holder | `/users/{username}/settings/billing/usage` | [AUTOTITLE](/rest/billing/enhanced-billing?apiVersion=2022-11-28#get-billing-usage-report-for-a-user) | -| Organizations | Premium request consumption, with details of quota and billed usage | Organization owners and billing managers | `/organizations/{org}/settings/billing/premium_request/usage` | [AUTOTITLE](/rest/billing/enhanced-billing?apiVersion=2022-11-28#get-billing-premium-request-usage-report-for-an-organization) | -| Organizations | Usage data for all paid products | Organization owners and billing managers | `/organizations/{org}/settings/billing/usage` | [AUTOTITLE](/rest/billing/enhanced-billing?apiVersion=2022-11-28#get-billing-usage-report-for-an-organization) | -| Enterprises | Premium request consumption, with details of quota and billed usage | Enterprise owners and billing managers | `/enterprises/{enterprise}/settings/billing/premium_request/usage` | [AUTOTITLE](/rest/enterprise-admin/billing?apiVersion=2022-11-28#get-billing-premium-request-usage-report-for-an-enterprise) | -| Enterprises | Usage data for all paid products | Enterprise owners and billing managers | `/enterprises/{enterprise}/settings/billing/usage` | [AUTOTITLE](/rest/enterprise-admin/billing?apiVersion=2022-11-28#get-billing-usage-report-for-an-enterprise) | +| Users | Premium request consumption, with details of quota and billed usage | Account holder | `/users/{username}/settings/billing/premium_request/usage` | [AUTOTITLE](/rest/billing/usage?apiVersion=2022-11-28#get-billing-premium-request-usage-report-for-a-user) | +| Users | Usage data for all paid products | Account holder | `/users/{username}/settings/billing/usage/summary` | 
[AUTOTITLE](/rest/billing/usage?apiVersion=2022-11-28#get-billing-usage-summary-for-a-user) | +| Organizations | Premium request consumption, with details of quota and billed usage | Organization owners and billing managers | `/organizations/{org}/settings/billing/premium_request/usage` | [AUTOTITLE](/rest/billing/usage?apiVersion=2022-11-28#get-billing-premium-request-usage-report-for-an-organization) | +| Organizations | Usage data for all paid products | Organization owners and billing managers | `/organizations/{org}/settings/billing/usage/summary` | [AUTOTITLE](/rest/billing/usage?apiVersion=2022-11-28#get-billing-usage-summary-for-an-organization) | +| Enterprises | Premium request consumption, with details of quota and billed usage | Enterprise owners and billing managers | `/enterprises/{enterprise}/settings/billing/premium_request/usage` | [AUTOTITLE](/rest/billing/usage?apiVersion=2022-11-28#get-billing-premium-request-usage-report-for-an-enterprise) | +| Enterprises | Usage data for all paid products | Enterprise owners and billing managers | `/enterprises/{enterprise}/settings/billing/usage/summary` | [AUTOTITLE](/rest/billing/usage?apiVersion=2022-11-28#get-billing-usage-summary-for-an-enterprise) | {% endrowheaders %}